Date: 2020-04-07

A new study of Android apps found that thousands appear to contain hidden back doors that facilitate secret behavior, the latest reminder of how aggressively some app developers continue to target the Google Play Store.

The study looked at 150,000 apps, including the 100,000 most popular apps on Google's own market, as well as apps from Baidu and Samsung.

The study comes from researchers at Ohio and New York State Universities, as well as the Helmholtz Center for Information Security. It examined 150,000 applications: the 100,000 most popular Google Play applications as of around April 2019, plus 20,000 applications from Baidu and 30,000 other apps that Samsung preloads on its devices. Attention focused on two specific issues: the extent to which applications support secret behavior, and whether there is an inherent danger of abuse.

Among the findings: nearly 13,000 of the 150,000 applications studied suggested the presence of back doors, through things the researchers found such as secret passwords and master passwords. More than 4,000 also appeared to be checking for blacklisted keywords, such as the names of political figures and other words related to controversial news topics. Nearly 7% of Google Play Store apps suggested the presence of back doors, while 5.3% of Baidu apps did, according to the study. The rate was roughly double that for apps pre-installed on devices (16% or so).

That's part of the reason why a few dozen privacy-minded organizations sent a letter to Google CEO Sundar Pichai earlier this year, asking Google to further reduce the so-called bloatware that is pre-installed on devices. "These pre-installed applications may have privileged custom permissions that allow them to operate outside of the Android security model," they wrote. "This means that the app can define permissions, including microphone, camera, and location access, without activating Android's standard security cues. Users are therefore completely in the dark about these serious intrusions."

Also as part of the new Android app study, the researchers randomly selected 30 apps that had at least 1 million installs, and found one that allowed remote logins. It's the kind of thing that has endlessly haunted the Play Store. While Google's security team removes threats as soon as they are found or reported in the press, it still has to deal with the public relations headache caused by sneaky apps that can do everything from signing in to Google and Facebook accounts to accessing key features of a user's device, spreading malware, and more.

